从$ _POST / $ _SESSION数组中删除所选项

I am posting from a form that selects products from a list, to a page with the selected products displayed. I want to have a link next to each item for removing an item from the selected list (array).

How do I do that? I seem to be losing the session once I click on the remove link.

session_start();

foreach($_SESSION['id'] as $key => $value){

      $array = explode(',', $value);

      if($value[0]!=''){
        $id = $array[0];
        $query = "SELECT * FROM products WHERE id = '$id'";
        $result = mysqli_query($dbc, $query);

          while ($row = mysqli_fetch_array($result)) {

            $product_id = $row['id'];

            echo '<tr valign="bottom">';
            echo '<td>' . stripslashes($row['category']) . '</a></td>';
            echo '<td>' . stripslashes($row['itemDesc']) . '</a></td>';
            echo '<td class="right">' . stripslashes(number_format($row['points'], 2)) . '</a></td>';
            echo '<td><a href="' . $_SERVER['PHP_SELF'] . '?action=remove&key=' . $key . '&s=' . $_SESSION['id'] . '">Remove</a></td>';
            echo "</tr>

";
            $points = stripslashes($row['points']);
            @$points_total += $points;
          }
      }
      }


$postid = $_POST['id'];
$_SESSION['id'] = $_POST['id'];

$product_id = htmlspecialchars(@$_GET['id'], ENT_QUOTES, 'UTF-8');//the product id from the URL
$s = $_SESSION['id'];
$s = htmlspecialchars(@$_GET['key'], ENT_QUOTES, 'UTF-8');//the product id from the URL
$action = htmlspecialchars(@$_GET['action'], ENT_QUOTES, 'UTF-8'); //the action from the URL

switch($action) {
    case "remove":
        unset($array[$id]); //remove $product_id from the array with
        echo $action . $product_id;
break;
    }

Here's the HTML for the form:

 <form method="post" action="products_selected.php">
<?php

  $query = "SELECT * FROM products ORDER BY rangeCode, category ASC";
  $result = mysqli_query($dbc, $query);
  while ($row = mysqli_fetch_array($result)) {

      $id = $row['id'];

    echo '<tr valign="bottom">';
    echo '<td>' . stripslashes($row['rangeCode']) . '</td>';
    echo '<td>' . stripslashes($row['category']) . '</a></td>';
    echo '<td>' . stripslashes($row['itemDesc']) . '</a></td>';
    echo '<td>' . number_format($row['points'], 2) . ' points ';
    echo '<input type="checkbox" name="id[]" value="' . $id . '" /></td>';
    echo '</tr>' . "

";
  }
  mysqli_close($dbc);
?>
 <tr><td colspan=13><input type="submit" name="submit" value="Order" /></td></tr>

Ok. After a bit of chat and co-working around this issue, we found some problems.

1. There's the need to insert a check around the code that uses $_GET and $_POST data, to avoid unwanted modification to other variables (an example: when the user clicks "Remove" to remove an item from his choices, the $_SESSION array will be updated with the $_POST array; since this contains nothing, the session array is emptied (and this was why the session was thought to be lost):

2. To find and delete the item from the session, we have to use the key retrieved from url and check if it's present into the session array. This can be seen in the code below.

   if (isset($_POST['id']))
   { 
     $_SESSION['id'] = $_POST['id']; 
   } 
   
   if(isset($_GET['key']) && ($_GET['action'] == 'remove'))
   { 
     if (array_key_exists($_GET['key'], $_SESSION['id']))
     { 
       unset($_SESSION['id'][$_GET['key']]); 
     } 
   } 
   

Some other minor changes have been made to the code, but the main problems were the ones explained.